Filter config descriptions by config whitelist
This commit is contained in:
parent
620247a015
commit
a2fcfc78c9
@ -18,7 +18,6 @@ defmodule Pleroma.Docs.JSON do
|
|||||||
with config <- Pleroma.Config.Loader.read("config/description.exs") do
|
with config <- Pleroma.Config.Loader.read("config/description.exs") do
|
||||||
config[:pleroma][:config_description]
|
config[:pleroma][:config_description]
|
||||||
|> Pleroma.Docs.Generator.convert_to_strings()
|
|> Pleroma.Docs.Generator.convert_to_strings()
|
||||||
|> Jason.encode!()
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -37,7 +37,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
@descriptions_json Pleroma.Docs.JSON.compile()
|
@descriptions Pleroma.Docs.JSON.compile()
|
||||||
@users_page_size 50
|
@users_page_size 50
|
||||||
|
|
||||||
plug(
|
plug(
|
||||||
@ -892,9 +892,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||||||
end
|
end
|
||||||
|
|
||||||
def config_descriptions(conn, _params) do
|
def config_descriptions(conn, _params) do
|
||||||
|
descriptions_json =
|
||||||
|
@descriptions
|
||||||
|
|> Enum.filter(&whitelisted_config?/1)
|
||||||
|
|> Jason.encode!()
|
||||||
|
|
||||||
conn
|
conn
|
||||||
|> Plug.Conn.put_resp_content_type("application/json")
|
|> Plug.Conn.put_resp_content_type("application/json")
|
||||||
|> Plug.Conn.send_resp(200, @descriptions_json)
|
|> Plug.Conn.send_resp(200, descriptions_json)
|
||||||
end
|
end
|
||||||
|
|
||||||
def config_show(conn, %{"only_db" => true}) do
|
def config_show(conn, %{"only_db" => true}) do
|
||||||
@ -1012,7 +1017,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp whitelisted_config?(%{"group" => group, "key" => key}) do
|
defp whitelisted_config?(group, key) do
|
||||||
if whitelisted_configs = Config.get(:database_config_whitelist) do
|
if whitelisted_configs = Config.get(:database_config_whitelist) do
|
||||||
Enum.any?(whitelisted_configs, fn {whitelisted_group, whitelisted_key} ->
|
Enum.any?(whitelisted_configs, fn {whitelisted_group, whitelisted_key} ->
|
||||||
group == inspect(whitelisted_group) && key == inspect(whitelisted_key)
|
group == inspect(whitelisted_group) && key == inspect(whitelisted_key)
|
||||||
@ -1022,6 +1027,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
defp whitelisted_config?(%{"group" => group, "key" => key}) do
|
||||||
|
whitelisted_config?(group, key)
|
||||||
|
end
|
||||||
|
|
||||||
|
defp whitelisted_config?(%{:group => group} = config) do
|
||||||
|
whitelisted_config?(group, config[:key])
|
||||||
|
end
|
||||||
|
|
||||||
def reload_emoji(conn, _params) do
|
def reload_emoji(conn, _params) do
|
||||||
Pleroma.Emoji.reload()
|
Pleroma.Emoji.reload()
|
||||||
|
|
||||||
|
@ -3604,19 +3604,50 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
test "GET /api/pleroma/admin/config/descriptions", %{conn: conn} do
|
describe "GET /api/pleroma/admin/config/descriptions" do
|
||||||
admin = insert(:user, is_admin: true)
|
test "structure", %{conn: conn} do
|
||||||
|
admin = insert(:user, is_admin: true)
|
||||||
|
|
||||||
conn =
|
conn =
|
||||||
assign(conn, :user, admin)
|
assign(conn, :user, admin)
|
||||||
|> get("/api/pleroma/admin/config/descriptions")
|
|> get("/api/pleroma/admin/config/descriptions")
|
||||||
|
|
||||||
assert [child | _others] = json_response(conn, 200)
|
assert [child | _others] = json_response(conn, 200)
|
||||||
|
|
||||||
assert child["children"]
|
assert child["children"]
|
||||||
assert child["key"]
|
assert child["key"]
|
||||||
assert String.starts_with?(child["group"], ":")
|
assert String.starts_with?(child["group"], ":")
|
||||||
assert child["description"]
|
assert child["description"]
|
||||||
|
end
|
||||||
|
|
||||||
|
test "filters by database configuration whitelist", %{conn: conn} do
|
||||||
|
clear_config(:database_config_whitelist, [
|
||||||
|
{:pleroma, :instance},
|
||||||
|
{:pleroma, :activitypub},
|
||||||
|
{:pleroma, Pleroma.Upload}
|
||||||
|
])
|
||||||
|
|
||||||
|
admin = insert(:user, is_admin: true)
|
||||||
|
|
||||||
|
conn =
|
||||||
|
assign(conn, :user, admin)
|
||||||
|
|> get("/api/pleroma/admin/config/descriptions")
|
||||||
|
|
||||||
|
children = json_response(conn, 200)
|
||||||
|
|
||||||
|
assert length(children) == 3
|
||||||
|
|
||||||
|
assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end)
|
||||||
|
|
||||||
|
instance = Enum.find(children, fn c -> c["key"] == ":instance" end)
|
||||||
|
assert instance["children"]
|
||||||
|
|
||||||
|
activitypub = Enum.find(children, fn c -> c["key"] == ":activitypub" end)
|
||||||
|
assert activitypub["children"]
|
||||||
|
|
||||||
|
web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end)
|
||||||
|
assert web_endpoint["children"]
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "/api/pleroma/admin/stats" do
|
describe "/api/pleroma/admin/stats" do
|
||||||
|
Loading…
Reference in New Issue
Block a user